Exploration of Cellular Based IoT Technology - Deral HEILAND
[Applause] so I just want to say thanks a lot for having me here and uh I'm looking forward to this hopefully everyone will enjoy this so our presentation exploration of cellular-based iot Technology again my name is darl Highland I am a principal security researcher at rapid 7 I've been there about 10 years so before we start I just want to put a shout out uh Carla carot bidner uh A friend of mine has been a co-researcher on this cellular project and also I want to make a shout out to Damian uh he did a presentation at hack in Paris in uh 2018 and in that he talked about transposing images to figure out the layout of circuit boards and we kind of use that in here also so I just want to give him credit for that so let's go ahead and get started so the first part we want to talk about is what we typically see in iot devices there's two standards of cellular modules that are used there's MB iot and LTE M uh significant difference between the two MB iot mb1 mb2 have kind of a lower bandwidth they're half duplex you often see these being used in devices that do Telemetry data and only Telemetry data an example of that would be GPS trackers so you definitely see these and GPS trackers the next one is LTM LT M1 M2 these particular cellular modules that we see are higher bandwidth as you can see in the picture uh one in four megabits they can actually move real data uh things like images audio video you can make phone calls across these particular devices and in this case they also support full duplex communication so that's the typical two devices that I've seen in almost every device that we've actually tore down and took a look at so let's dig oh all the other part of this is we talked about uh release 134 and 15 that laid out those but since then the 3gpp group has come out with other releases 15 16 17 the core devices never really changed what they ended up adding was more resources more functionality an example of that is like small cell support or 5G support so kind of keep the technology moving forward keep it up with what's changing in the cellular world but other than that the core devices haven't really changed much so why are we here besides talking about cellular to give you an idea why did I do this what was our purpose in this the goal is to get an understanding of Cellular in iot because we're seeing more and more of these devices show up a cellular an example would be uh home home security systems will actually have uh cellular capability for back haul we actually have camera systems that are purely cellular so we're seeing more and more devices start building Cellular in there medical devices is an example I just got a a device shipped to my house it happens to be a blood pressure cuff that you would give to you know a family member and all the data is cellular based up to the cloud makes it possible for the doctors to review that family members review that things like that so A more and more transition towards cellular for the communications one of the things I like to do anytime I'm looking at a new technology or an advancement of technology is literally tear it apart I want to tear it down top to bottom figure how it's built how it's constructed how I can interact with it and the goal of that is to be able to teach other people to understand the technology so much everyone's into hey let's a buffer over flow or format string or flaw or some of attack but often you can leverage technology against itself so if you really really understand how it works it gives you the ability to go much farther in your testing and your examination of that technology for security purposes so literally let's take it apart figure out how it works figure out how we can communicate with it how we can actually leverage the technology itself to carry on further attack are testing within the environment so as it says here IR ovens hot plates hot air Reflow let's take the device apart let's see what it's made up of so we start taking the shield off we find out components are packed in there pretty good every time I get a device that has a cellular module type in it I go buy extras and I throw it into an oven I strip it bare of all of its components and I start reverse engineering the circuit board's layout out so I can see how the components are laid out can an attacker if he wanted to gain more access most of these devices are LGA devices land grid array devices so all of the connections of the circuit board are underneath it so to keep from taking it off the circuit board can I find access to usable data by taking the shield off and going in from the top so literally that's what we do we figure the LGA layout we strip the board we start figuring out the components flash memory start figuring out the CPU and then we delve into things like hey can I get access to J tag on this device so we start mapping out the J tag from that circuit level and then trace it out on the surface of the board and go hey can I get access to things like this without doing other more intrusive stuff now obviously that's intrusive okay we've destroyed a chip but hey I've lost count of the number of chips I've totally destroyed so here's a memory chip so you have a memory chip on these devices it uh happens to be a multi-chip package a multi-chip so if you look at the pin layout and you're familiar with this it looks just like it 162 ball BGA embedded multi-chip package the thing is this does not have an internal embedded controller on it so you just can't pull it off drop it into reader and mount it up as a file system it's a little more complex than that what we want to do is hey I want to get memory off this the chip reader sockets cost about 800 bucks a piece every one of them's different size that means every one of these chips the pin out pitch is the same but the body of the chip will change 8 by 10 millim 9 by 11 mm 13x 11 mm so if you have to die a different buy a different socket for everyone the money goes up you start looking at several thousand EUR to get sockets for this and I'm cheap I like to do things the cheap way not necessarily the easy way but there's a method to my madness and and I've published it you'll see that in a minute so what we do is you get a pin pin diagram for the device now these particular chips there are no data sheets for them but I was able to find a pin out the pinout for this manufacturer and the other manufacturers are all the same the reason why is if the Chip's not available a manufacturer of a module will go buy it from another manufacturer and just drop it into place so then what we do is we map that to the chip and then we ball the chip so we put balls on the chip we can see it here so we add Balls to the chip and the purpose of that I found out instead of trying to just solder straight to it with a wire which is mad okay it's not that easy but once you put the balls on there you can take fine gauge wire like 40 gauge wire press it against the Ball tap it with a solder iron and it instantly connects to it and we can wire up one of these chips on our microscope fairly quickly and then well we're dealing with the fact that we don't have the data sheet on this but found out if you go by get the Sal slick you can find out critical information about the chip silicon how big it is bit speed its rate its function structure all that for an N Flash and then what you do is you go to same manufacturer and you look through all of his chips different package Styles and try to find a chip that has that same specifications because companies do not produce new silicon they re reuse the same silicon and just put it in a different body so then you go ahead and I built out a 48 pin zif socket I go to the manufacturer I find a t-a 48 that uses the same silicon or at least I think uses the same silicon I wire it up like it does and then I try to read it with a chip reader I'd say about 50% of the time it'll tell me it has the same chip identifier between the two chip bodies and then it reads no problem if it says that it doesn't match I said ignore it run anyways I have yet to have this not work and not able to dump all the memory off these chips using this process it works fairly well down at the bottom is a link uh to a blog or a paper where I go through this entire process and like I said the ultimate goal is to process this stuff to the point where other people repeat it and learn from it so that data is out there uh and it's very effective actually able to pull memory off these chips so then we want to get into kind of the interaction with the hardware so when you want to talk to a cellular module Oh wrong slide I'm a little ahead of myself I apologize so you want to interact with the actual Hardware what you want to do is a process that Damian talked about at Tack and compis in 2018 you want to actually make opposite image of the back side of the board and then transpose them over each other and by setting these at like 50% density and then overlaying them you can see the reference between all the components on one side or the other side it makes it easier for tracing out critical things on the board that you want to uh tap into and actually look at to take it to another level I go ahead and get the actual land grid array for the cellular module and I overlay it now quickly I can look at this and go hey the Yellow Boxes up there are uart the coral boxes in the lower leftand corner are USB now I know where everything's connected on the board and the most likely place that I'm going to have areas that I can connect into to access the USB and the uart and it's very effective I use this on a regular basis it simplifies it saves me a little bit of time because sometimes these chips are oriented these modules are oriented very different on the boards and you can easily be trying to trace out something on one side of the board or one end of the board when in reality it's on the other end of the board and this makes it easier to get that image in your head and Target the right area on the board so then we start thinking you know I'm sitting in my lab at home and I'm like okay so we can trace it out what happens if the manufacturer the circuit board this module's attached to design a really well board and that board all of the connections that I'm interesting looking at are not on the surface they're on a su layer so they go from the LGA which is underneath the chip body they go over to the CPU who's a BGA and everything's one of the sublayers and I can't get access to it so I started thinking about this and I'm thinking these modules are fairly good size the cool thing is if you look at these land grid array all of the critical stuff is always on the outer edges always on the edge outer edges so I started thinking what if and you can see them there in that picture there you can see the actual L grid arrays along the edge what if I used acupuncture needles so I went out and uh you can't normally in the US buy acupuncture needles because they're like medical things but you can buy these things that are used to clean out uh printers 3D printers that are basically the same acupuncture needles they just label them as non-medical and you can buy them you get them in different sizes I think I have .1 mm 0.15 0.2.3 and. 35 in my lab and what you do is you make up a rig and you inserted underneath the edge of the Chip and attach to the critical communication circuits you want to talk to this works pretty good especially on the smaller modules I did notice on some of the larger modules where the land grids are further up underneath they may be upwards of 2 and 1 12 millim sometimes when these are are put on the board the actual modules have a tendency to Cup and when they cup they close up the edge and makes it difficult to do that but they don't always do that so if there's a gap along the edge acupuncture needles will let you tap into those circuits very effectively capture data and communicate with the module if you need to so circuit board communication so how do you communicate to a cellular module so I don't know how many people in here are familiar with old modems at commands on modems okay we we have a few well it turns out that most RF devices have that capability including these These are completely controlled and managed via AT commands now if you're looking at the old Haze at compatible at command structure it's not the same this this is way more advanced there's way more commands that can be sent to these devices to actually uh control them another important fact if you have a device that takes AT commands and you get an at command manual for it it'll list all the commands all the data well not all the commands and that seems to be the problem it turns out on a lot of these cellular modules there can often be a number of commands that aren't listed it in the 18 manuals so to solve this problem me and my friend Carla went out and gathered all the at command manuals for each manufacturer and compiled them into a list and then we wrote some python script which at the end of this slide deck there'll be a link for that uh that list and we wrote some uh scripts that we can connect into the modules and run all these at commands in the standard help check mode which basically it's a command that actually will say does this command exist and what is its syntax and we can easily scan a device and figure out what are all the AT commands that do work and the cool thing is there's a lot of cool commands in there and they're not always documented in the manual which we're going to show here so the communication types on cellular modules are USB and uart so there's generally three types of communication capabilities on these devices it's often USB high-speed inter chip which is 480 megabits per second and then there's also I I list a couple other there because they do exist there is an esub which is an embedded USB structure I haven't really seen them on modems but I've seen them on other devices and then you can see standard the difference between the standard and the highspeed intership typically is related to the fact that on standard there is a negotiation that takes place on the bus to figure out and assign an ID to a a device because you can have multiple devices on a USB bus thing is when you're looking at intership communications there is not typically multiple devices on the bus there's one you have the CPU and the devices talking to so there's no need to negotiate and that's where high-speed interships kind of a a a subset of standard then you have Ur you have two different URS on a cellular module you have an external debug Ard you can tap into that and you can watch the device boot up often a lot of those will actually have a log on prompt you can actually log on the device if you know the password the other one which is called main uart is an inter chip art it'll go from a microprocessor to the module now both of these are used for communication and data but they're never used at the same time so a device is designed to use USB it'll send commands it'll send data it send control information or it uses Ur to do the same thing yeah I've never seen a device that will actually do both so if you can identify communication on either one of these you can make the Assumption the other one's not going to be used often I found them to be completely disconnected in the circuit there's no runs or traces associated with those the device we're going to show today in our demo videos it did actually have both of them connected but only USB was used even though the uart was connected to the CPU it did nothing no responses on it from the CPU there was response on it from the other thing so when both these are up there even though one's not used let's say USB is being used which is our example today the urart can still be connected to it and take commands and take data so it makes for an interesting Vector for you to control the device so when we start talking about interchip Communications there's a couple key things to think about so we're looking at this here this would be how that CPUs uh main yor connects to the EG 91 module if you wanted to listen to traffic on this and it was a normal full Traffic uart main uart the thing is is you can't hook it up like a regular uart you're going to have to listen to RX on both sides remember both sides are communicating both directions the CPUs is talking and the modules talking and it goes back and forth so you have to use two ftdi devices connect up to the device and then you're able to capture data but if I want to communicate to the device I want to send commands to the device it has to be done a little different turns out you have to sever the circuit standard Ur Communications if they're connected on both ends and you hook to it will not take your commands it's electronic thing go figure unless there is one exception I did document it in a paper if there is a terminating resistor or an impedance matching resistor on both sides of this between the devices or a voltage translator because one's 1.8 or 3.3 often in those cases you can hook your your your own ftdi device up there and put a resistor a terminating resistor in the circuit yourself and you can also communicate so it's about 75% of the time 80% of the time I see them directly connected I don't see any resistors in place in those cases there you're going to have to cut the runs Connect into it with the device so and and that's pretty straightforward so we start thinking about this here's an example here so this is a device we're going to show today so we Trace everything out we see we have a transmit and receive right here so we connect wires here we go further up the runs we follow up the runs connect two more wires and then just cut the runs and if you have a device that's actually used in the uart for real Communications cutting the runs is typically a bad thing so the solution to that is we actually put into it a control board we pull everything out here control board gives us wire strips uh I build these like oh gosh all the time so I have tons of these laying on my lab and it has on and off switches so it gives us the ability to hook everything up turn the switches on so Communications let the device run normal and at some point when we want to send the command open it up send our commands close it back up most of the time there's no latencies issues you will once in a while encounter a device that sends out a lot of Watch Dogs and if it misses like three Watch Dogs it'll reset the device you got to watch for that uh when you're working with these devices so now that we've taken this device just so you know what this device is so I brought one in it happens to be a trail camera used for Capt capturing wildlife in the woods is what this device is it's no sense in not know what it is I know you can see it's a camera but hey so then we take the thing apart we've cut the runs we've rerouted uart this particular device uses USB for all of its commands and we're going to look at the USB traffic here shortly but since it uses USB for all of its commands we know it doesn't use uart so literally we can cut the runs leave the circuit open we don't have to work worry about that so we have a quick little video here so what we're going to do is we're going to power the device up and we're going to see a ready command come from the microc or from the uh cellular module when it Powers up it's going to send some commands out on both channels the CPU cares less about this one it cares about the one that's on the other side so when it sends out the ready command what we're going to do is we're just going to start talking to it this happens to be a Quil EG 91 we hook the wires in we cut the runs all the anti wires I like the breakout boards because I could put put all these headers on there and I can hook any kind of tested gear into this device that I need to for whatever I'm doing and I'm using really small 1.8 volt uh ftdi devices on this that are easy to mount on a circuit board uh for design and there we go me pointing at that so that's cool but let's go ahead and we're going to power it up and then we're going to see a ready command come up so what I did in this so when we fire it up and we get a ready command up here I'll send an at command to make sure it's okay and everything's fine okay we got a ready command I put an at command in there and then I can just start sending AT commands to it okay so we instantly see that I can actually check the configuration I can see who it's connecting to and then out of kicks I went ahead and actually carried out an FTP transaction I connected to the internet to an FTP server on the internet while this device is still being a trail camera that functionality has never changed and I actually had it bring Brown a directory listing on a device this particular command's not in the command manual there's a lot of communication commands that were not in the manual so you can see now even though the device is functioning normal it came up ready through other monitoring we validate that it connected out registered to the cell service everything's working and that's based on some of those commands I ran there showed me that the connections were there and everything was synced up properly at that point I could do whatever I want with this device it's going to carry out my cans my transactions so the next thing I want to look at is USB so we know the Art's there we know we can communicate with it what does USB communic Communications look like this was more problematic this took me a while to get around to figuring it out appropriately there is a lot of there is a lot of USB sniffers out there that are open source but I assure you I don't think any of them can do interner chip communication sniffing almost all of them are pass through devices so you have to have a USB device a machine and then you put the listener in between well we can't do that here when you get into circuit design related to USB communication I think the limitation is really short like 10 less than 10 cmet like 3 4 cmet on a circuit board if you extend it out beyond that without proper termination it'll quit working and if you try to put a device in between it route it off Route it like we did with the art it won't work so it turns out I end up picking up a device called a beagle this is the only Manu ufacturer I could actually find that said their devic is capable of interchip communication sniffing on the USB bus unless you want to spend 10 grand this on the other hand was not cheap this was probably ,200 so not cheap so I'm looking for open- Source solution out there that somebody may be aware of that will do inner chip I just don't want to spend a th000 2,000 EUR buying devices to find out they don't work so if you have a device try this out let me know and I'll share it with the community but for you to communicate to this device we traced out the USB runs on the device it's often to see terminating resistors at least that's what I thought these were terminating resistors on the circuit between a CPU and a cellular module turned out that these are zero resistance resistors so basically jumpers put in place but to make this device work you can't just tap into a circuit it will load the circuit down manufacturers said put a 20 to 40 Ohm resistor in place so that's what we did we soldered in couple 20 ohm or 33 ohm in this case 33 ohm resistors in the circuit and then we go ahead and we can hook our wires into that to our device as we see hooked up here since there was no 5vt uh us be 5 volts taable on the device that's why you see the red back wire I just fed back into the Beagle device 5 volts to tell it like yeah there's like a device there uh to trick it so we have a video here and it's going to go showing capturing the USB traffic and when I first filed this up man I was like my wife thought I gone crazy it's like yeah it's like screaming and running around because I actually got a device would do it right um so when we start this out uh I know I I'll expand some of these out so you can see more of the detail I apologize it's kind of hard to adjust this stuff out but let's take a look at what's going on here so we just powered up the device and we're seeing all this data but we're all seeing seeing USB communication traffic all mixed in there we don't want that so we can come over here and actually pick data and filter it only so instantly we can stream out all of the information that's USB Communications uh and actually only get the data so we're seeing all the commands hit the actual cellular module some of the same commands you see me run from the UR console and this is all coming from the CPU and the CPU is very verbose as you can see it's repeating the commands over and over and over and over so it's constantly using that as a Watch Dog to make sure the circuit is up and everything's running that happens to be the firm Ware version that is on the chip so there's commands you can get the firmware version that the Chip's on and I think here eventually I actually had it took me a while to get this thing to start triggering taking pictures and sending them to Cloud but eventually it actually did it's still thinking about it come on you know when you film these things for video you think this will go fast then you stand in front of 500 people and it's like it's thinking about it so we can go asky we could search all the data so we're looking for bucket because I know bucket happens to be an Amazon S3 bucket name so here we can actually see the keys uh as you notice as we go through this I do not show you enough that you could break in and steal all of my stuff okay so that's half of one of the keys and you'll see this was kind of cool so we get in here we can see we have the S3 Amazon Cloud we can see the location the bucket names trail camera it has a key name and I don't think I show the password apparently the device has a password and all that stuff so literally I can capture all the communications which is considered in this case machine to machine uh Communications and now I can take it offline you know if I'm testing a product or testing an ecosystem for somebody now I have enough data I can connect straight up to that S3 bucket and start testing to see if it's secure because now I've captured all the comms on how this thing works let's go ahead and move forward so this brings up an interesting story and the story goes like this when I run run and start looking at devices most of the certain percentage of devices just connect to the internet via cellular coms but not all of them do we run into some that have actually started used in private connections so it'll be private VLAN or private Cloud connections so this device doesn't do it but I've seen devices not too long ago that actually did this what that means is when they connect to the cloud or connect to these private connections people from the internet can't get to it the only thing you can get to it is through this machine and now we've actually showed that we can control the machine so in that private VLAN we start thinking about it we have a device it connects out and if this is purely private all of these Key Systems in the back end the machine has has access to it we don't have access to it well until now okay what we can do with the device this device has a ton of really cool commands so again we tapped into it we cut the runs we move the data out let's have a little little fun so what I wanted to do is is this thing had socket capability now I assure you there's way more possibilities here this is just scraping the CCH circuit and I was wanting to know hey can I build a port scanner and use the modem to do Port scanning for me so I wrote a script the script's fairly simple it opens up a socket it connects to a port it gets a response back whether the port's open or closed closes the port moves on to the next one so we're going to do a quick example and here's kind of the commands or the error messages that can come back back so you get a lot of different error messages so we're going to go ahead and kick this off so we're listening up here and we see we end up got a ready command so we're going to close it we know the mo modem's uppr running and now we're going to run our scanner and it connects out we got a z 0 Port 80 is open we know that now Port 3389 is closed there only two Port open on this particular device I'm pointing this at this was a device I had legal access to do this to on the internet so I got to worry about things like that as you can see maybe not the fastest scanner in the world but if I'm connecting into backend virtual cloud services or if I'm connecting to through a private vland to a subset of critical systems that are only accessible by this device or maybe even other devices then I think this is sufficient we can quickly analyze see what port are open and then use the device as a pivot point into that private virtual Cloud private vlam so uh so I don't know if you guys caught them all Port 80 was open and Port 22 was open the rest of them were closed in this particular case in this example so what other possible capabilities are there I think in this case here this particular device also has the ability to set up a USB Ethernet I haven't done that yet it's on a list of things to do so can I establish a completely functioning ethernet where I can actually send data out the other thing we can think about during this whole attack Vector is since we have this level of access we have the ability to pull all the configurations out of the device off the modem we're able to pull all of the other critical data from the cloud because we can capture USB by doing inter chip communication analysis now we could easily Port all this out to a breakout board and then take it to the next level now we have the ability to authenticate all to all these components all of these type of things and then possibly we could turn that into basically EET port and I think that's doable here with a little more research in time not sure where we at on time oh looks like we got 10 minutes I'm a little ahead of myself but let's kind of move on so we happen to have some listed items here uh I recommend checking them out I will be releasing a paper here right before Defcon on the cellular stuff where we kind of expand out more on some of the stuff because it's kind of hard to do it all in 45 minutes but you can gain access to this data it's all available online please check it out follow me on Twitter uh reach out through me email if you have any questions feedback input do not hesitate to reach out to me I very much a community-driven person all of my research is open- Source I share it freely with everybody uh and I'm excited uh to take this project even further or find other people who' have done similar things or are working on other things so so kind of in conclusion as you can see by looking at devices via interchip Communications USB Ur we can capture a wealth of information and get a good understanding of what in to-end security looks in this technology versus attacking it externally We Go From the Inside Out we also have the ability to change configure and modify the functionality of a device through interchip Communications and the cellular modules are brilliant I mean with the amount of command sets are available everything that device does is being done through at commands all the capture all the tunnels all the commands all the structure all the communication of data it's all being done through at commands take those at commands and disguise the limit on what you could possibly get these devices to do so I I hope you guys found this interesting and useful thank you very much will you do cuning I'll take questions do you have any questions please raise your arm stand up hello well first of all thanks for the presentation it was very interesting uh as was just wondering what is the most unexpected thing you ever found on an iot device in terms of backdoors or undocumented functionality yeah undocumented functionality on iot devices is some something I always look for unfortunately I never find as much as I want uh but I had a device number of years ago that was being uh associate with press was actually using these panic buttons which were cellular based panic buttons to actually be protected from being kidnapped by Colombian drug lords in Columbia South America and they wanted me to look at these things I found out with a single SMS command I could flush the device reconfigure it turn it into a listening device and a tracking device through SMS messages and then the next step was well how do I identify what the SMS message phone number is I found out I could identify the phone number address range and I found an undocumented command that hadn't been quite implemented completely and when I sent that command the device would air out with an SMS response back to me that I could fingerprint it as a listening device uh so yeah there's there's crazy things uh from the area of undocumented commands and I think everyone needs at least try to find those when you get into that firmware it's one of the things I look for um and the case with this is not that the commands are not documented they documented by these manufacturers they don't list them always in the at manuals for that particular product but they still exist yes hey Damian hi uh was just wondering if you have ever tested uh you know just um some kind of at command at module emulation by just unpluging the quick tail module for instance and then emulate it with something in order to see what going on or make the device believe that something else well the one thing the the one thing so so one of the things I tell manufacturers it turns out that many of these cellular modules do not contain all the information to make them run for that product it's all sent from the CPU the thing is is many of these modules have capability of having a file system and a secure file system so I always recommend the manufacturers at some point either at the manufacturing process or the initial pairing process of the device to actually push that stuff into the secure file system structure unless you know the name of it you can't get it back out but I've only had one of them actually take me up on it uh and I think I think that's critical because because as you can see I can just listen to it and we get everything underneath the sun U but if they leverage the devices at their level of capability and I think this one actually has a secure file system too for actually putting config files I hope that answers your question yes thank you you're welcome right we're done yep thank you very much darl Halen
2024-10-21 16:35
